Podcast Summary: Cyber Security Headlines – Week in Review
Title: Cyber Security Headlines
Host: CISO Series
Release Date: December 20, 2024
Episode: Week in Review: Data Breach Impact Study, US Weighs TP-Link Ban, BeyondTrust Cyberattack
Introduction
In this episode of Cyber Security Headlines, hosted by Rich Stroffolino of the CISO Series, Rich is joined by returning guest Bethany Delude, Chief Information Security Officer (CISO) at the Carlyle Group. The two walk through the most pressing cybersecurity stories of the week, offering expert insights and professional opinions on each topic. This summary encapsulates their discussions on data breaches, regulatory action against TP-Link, a significant cyberattack on BeyondTrust, and more.
1. Recorded Future's Data Breach Impact Study
Overview: Rich introduces a report by Recorded Future’s Insikt Group, highlighting a 76% increase in publicly reported data breaches from 2022 to 2023, with a projected further 5% rise in 2024.
Key Points:
- Costly Impacts: The report emphasizes that data breaches lead to operational disruptions, legal risks, and declining sales due to customer churn and loss of trust.
- Strategic Lag: Companies are failing to advance their security strategies, risking falling behind in the evolving threat landscape.
Notable Quotes:
- Rich (00:00): “We’re trading stuff. We don’t know the rules.”
- Bethany (01:12): “Our information landscape really is identity. Like that is your new perimeter.”
Discussion: Bethany underscores the complexity of the current threat environment, noting the shift from traditional boundaries to securing identities and managing third-party partnerships. She emphasizes that addressing these multifaceted risks requires more than just financial investment; it necessitates a new strategic approach to cybersecurity.
2. Data Breaches in Rhode Island and Connect On Call
Overview: The episode covers two significant data breaches:
- Rhode Island’s RI Bridges System: Managed by Deloitte, it was hit by a ransomware attack linked to the Brain Cipher gang, exposing sensitive data of residents applying for public assistance.
- Connect On Call: A subsidiary of Healthcare SAS, it notified over 900,000 patients of a breach involving health-related data.
Notable Quotes:
- Bethany (07:38): “People couldn’t get prescriptions, they can’t do their telehealth visits.”
- Bethany (09:16): “There’s a lot of personal information. It’s not just a health diagnosis.”
Discussion: Bethany highlights the broader implications of such breaches, beyond the exposure of sensitive information. She points out the disruption to essential services like healthcare access and the increased risk of identity theft stemming from compromised data. The conversation also touches on the challenges of securing critical infrastructure and the need for heightened vigilance in often overlooked sectors.
3. BeyondTrust Cyberattack
Overview: BeyondTrust, a prominent cybersecurity company specializing in privileged access management (PAM), suffered a cyberattack on December 2. Hackers accessed a remote support SaaS API key, potentially allowing them to reset passwords for local application accounts.
Notable Quotes:
- Bethany (11:19): “Identity security is so just table stakes in this environment.”
- Bethany (12:38): “More zero days, more exploits in my crystal ball prediction.”
Discussion: Bethany expresses concern over attacks on security firms, emphasizing that such incidents erode the chain of trust essential for cybersecurity. She predicts an increase in zero-day exploits and vulnerabilities in 2025, stressing the importance of robust identity management and proactive security measures to mitigate such risks.
4. US Considers TP-Link Ban
Overview: The U.S. Commerce, Defense, and Justice Departments are investigating TP-Link, a router manufacturer that holds 65% of the US home router market. Concerns include national security vulnerabilities and potential antitrust violations due to selling below cost.
Notable Quotes:
- Bethany (14:36): “I sense I’m going to be having a nightmare at some point this weekend.”
- Bethany (16:01): “There’s no more honor among thieves.”
Discussion: Bethany discusses the widespread use of TP-Link routers and the challenges in mitigating supply chain risks associated with such prevalent devices. She reflects on the implications of national security vulnerabilities embedded in everyday technology and the difficulty in managing and updating legacy hardware across millions of households. The conversation also touches on the broader issue of dependency on hardware components sourced globally, particularly from regions with higher security risks.
5. Interpol Renames "Pig Butchering" to "Romance Baiting"
Overview: Interpol and Europol are advocating for the term "romance baiting" to replace "pig butchering" in describing online relationship and investment scams. The new terminology aims to avoid dehumanizing the victims and to focus on the manipulative tactics of threat actors.
Notable Quotes:
- Bethany (19:34): “Romance baiting puts the onus more squarely on the person who is victimizing rather than shaming the victim.”
- Bethany (20:20): “I wouldn't like to tell you that I was pig butchered.”
Discussion: Bethany supports the change in terminology, arguing that it promotes empathy and a better understanding of the nature of these scams. By focusing on the manipulative strategies used by scammers, the term "romance baiting" helps in shifting the narrative away from victim-blaming and encourages more victims to come forward.
6. UnitedHealth’s AI-Driven Chatbot Exposure
Overview: UnitedHealth Group's subsidiary, Optum, exposed an internal AI chatbot used for handling patient health insurance claims and disputes. The chatbot was accessible online without password protection, though Optum claims no sensitive data was leaked.
Notable Quotes:
- Bethany (22:51): “Whether it was a demo or not, it was trained on data and that training data could have been exposed.”
- Bethany (24:29): “They had, you know, hundreds and hundreds of questions were asked of it and all of the chats were stored.”
Discussion: Bethany emphasizes the risks associated with AI tools, even those in a demo phase, highlighting that any exposed data can be leveraged for malicious purposes. She points out the potential for training data to be extracted and used in further attacks, stressing the need for stringent security controls around AI deployments to prevent inadvertent data exposure.
Conclusion
As the episode wraps up, Bethany and Rich reflect on the importance of language in cybersecurity discussions and commend Recorded Future for their stance against being labeled an "undesirable organization." They also express gratitude to their audience and sponsor, ThreatLocker, and extend well wishes for the New Year.
Notable Quote:
- Bethany (25:53): “That one made me smile.”
Bethany encourages listeners to connect with her on LinkedIn, emphasizing the value of professional networking in the cybersecurity community.
Final Thoughts: This week's Cyber Security Headlines episode provides a comprehensive overview of the evolving cybersecurity landscape, highlighting significant breaches, regulatory considerations, and the continual challenges of securing both established and emerging technologies. Rich Stroffolino and Bethany Delude offer valuable perspectives, underscoring the critical need for adaptive strategies and robust security frameworks in the face of increasing threats.
